CVE-2008-6744

Cross-site request forgery (CSRF) vulnerability in Cybozu Office 6, Cybozu Dezie before 6.0(1.0), and Cybozu Garoon 2.0.0 through 2.1.3 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.

Published: Apr 23, 2009
Updated: Apr 13, 2023
CVE: CVE-2008-6744
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P

CWEs:

CWE-352

Affected Software
References

Software	From	Fixed in
cybozu / cybozu_garoon	2.0.4	2.0.4.x
cybozu / cybozu_garoon	2.0.0	2.0.0.x
cybozu / cybozu_garoon	2.0.3	2.0.3.x
cybozu / cybozu_garoon	2.1.0	2.1.0.x
cybozu / cybozu_garoon	2.1.3	2.1.3.x
cybozu / cybozu_garoon	2.1.1	2.1.1.x
cybozu / cybozu_office	6	6.x
cybozu / cybozu_garoon	2.0.5	2.0.5.x
cybozu / cybozu_garoon	2.1.2	2.1.2.x
cybozu / cybozu_garoon	2.0.6	2.0.6.x
cybozu / cybozu_dezie	-	6.x
cybozu / cybozu_garoon	2.0.2	2.0.2.x
cybozu / cybozu_garoon	2.0.1	2.0.1.x

http://cybozu.co.jp/products/dl/notice/detail/0016.html
http://cybozu.co.jp/products/dl/notice/detail/0018.html
http://jvn.jp/en/jp/JVN18405927/index.html
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-000033.html
http://osvdb.org/46575
http://secunia.com/advisories/30882
https://exchange.xforce.ibmcloud.com/vulnerabilities/43438

Vulnerability Database

289,697

CVE-2008-6744